Matomo (formerly Piwik) is a free and open source web analytics application developed by a team of international developers, that runs on a PHP/MySQL web server. It tracks online visits to one or more websites and displays reports on these visits for analysis. You can think of it as an alternative to Google Analytics. Matomo is open source and its code is publicly available on Github. Some of the features it has are: A/B Testing, Heatmaps, Funnels, Tracking and Reporting API, Google AdWords, Facebook Ads, Bing Ads, Cost Per Click (CPC), etc. This tutorial will show you how to install Matomo on a Fedora 29 system using Nginx as the web server and we will secure the website with a Let's Encrypt SSL certificate.

 

Requirements

To run Matomo (Piwik) on your Fedora 29 system you will need a couple of things:

  • Web server such as Apache, Nginx, IIS.
  • PHP version 5.5.9 or higher with pdo and pdo_mysql or mysqli, gd, xml, curl, and mbsting extensions. PHP 7+ is recommended.
  • MySQL version 5.5 or higher, or the equivalent MariaDB version. MySQL 5.7+ is recommended.

 

Prerequisites

  • An operating system running Fedora 29.
  • A non-root user with sudo privileges.

 

Initial steps

 

Check your Fedora version:

cat /etc/fedora-release
# Fedora release 29 (Twenty Nine)

 

Set up the timezone:

timedatectl list-timezones
sudo timedatectl set-timezone 'Region/City'

 

Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages:

sudo dnf check-update; sudo dnf update -y

 

Install some essential packages that are necessary for basic administration of the Fedora operating system:

sudo dnf install -y curl wget vim git unzip socat

 

Step 1 - Install MariaDB and create a database for Matomo

 

Matomo supports MySQL and MariaDB databases. In this tutorial, we will use MariaDB as the database server.

 

Install a MariaDB database server:

sudo dnf install -y mariadb-server

 

Check the MariaDB version:

mysql --version

# mysql  Ver 15.1 Distrib 10.3.11-MariaDB, for Linux (x86_64) using readline 5.1

 

Start and enable MariaDB service:

sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

 

Run mysql_secure installation script to improve MariaDB security and set the password for MariaDB root user:

sudo mysql_secure_installation

 

Answer each of the questions:

Would you like to setup VALIDATE PASSWORD plugin? N
New password: your_secure_password
Re-enter new password: your_secure_password
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

 

Connect to MariaDB shell as the root user:

sudo mysql -u root -p
# Enter password

 

Create an empty MariaDB database and user for Matomo and remember the credentials:

MariaDB> CREATE DATABASE dbname;
MariaDB> GRANT ALL ON dbname.* TO 'username' IDENTIFIED BY 'password';
MariaDB> FLUSH PRIVILEGES;

 

Exit from MariaDB:

mysql> exit

 

Replace dbname, username and password with your own names.

 

Step 2 - Install PHP and necessary PHP extensions

 

Install PHP, as well as the necessary PHP extensions:

sudo dnf install -y php php-cli php-fpm php-common php-curl php-gd php-xml php-mbstring php-mysqlnd php-json

 

Check the PHP version:

php --version

# PHP 7.2.14 (cli) (built: Jan  8 2019 09:59:17) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies

 

Start and enable PHP-FPM service:

sudo systemctl start php-fpm.service
sudo systemctl enable php-fpm.service

 

We can move on to the next step, which is obtaining free SSL certs from Let's Encrypt CA.

 

Step 3 - Install acme.sh client and obtain Let's Encrypt certificate (optional)

 

Securing your website with HTTPS is not necessary, but it is a good practice to secure your site traffic. In order to obtain TLS certificate from Let's Encrypt we will use Acme.sh client. Acme.sh is a pure UNIX shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies. 

 

Download and install Acme.sh:

sudo mkdir /etc/letsencrypt
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh 
sudo ./acme.sh --install --home /etc/letsencrypt --accountemail your_email@example.com
cd ~

 

Check Acme.sh version:

/etc/letsencrypt/acme.sh --version
# v2.8.0

 

Obtain RSA and ECC/ECDSA certificates for your domain/hostname:

# RSA 2048
sudo /etc/letsencrypt/acme.sh --issue --standalone --home /etc/letsencrypt -d example.com --keylength 2048
# ECDSA
sudo /etc/letsencrypt/acme.sh --issue --standalone --home /etc/letsencrypt -d example.com --keylength ec-256

 

After running the above commands, your certificates and keys will be in:

 

For RSA: /etc/letsencrypt/example.com directory.

For ECC/ECDSA: /etc/letsencrypt/example.com_ecc directory.

 

Step 3 - Install NGINX and configure NGINX for Matomo

 

Matomo can work fine with many popular web server software. In this tutorial, we selected Nginx. 

 

Download and install Nginx from the Fedora repository:

sudo dnf install -y nginx

 

Check the Nginx version:

sudo nginx -v
# nginx version: nginx/1.14.1

 

Start and enable Nginx service:

sudo systemctl start nginx.service
sudo systemctl enable nginx.service

 

Configure Nginx for Matomo by running:

sudo vim /etc/nginx/conf.d/matomo.conf

 

And populate the file with the following configuration:

 server {

  listen [::]:443 ssl http2;
  listen 443 ssl http2;
  listen [::]:80;
  listen 80;

  server_name example.com;
  root /var/www/matomo/;
  index index.php;

  ssl_certificate /etc/letsencrypt/example.com/fullchain.cer; 
  ssl_certificate_key /etc/letsencrypt/example.com/example.com.key; 
  ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.cer;
  ssl_certificate_key /etc/letsencrypt/example.com_ecc/example.com.key;

  location ~ ^/(index|matomo|piwik|js/index).php {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    try_files $fastcgi_script_name =404;
    set $path_info $fastcgi_path_info;
    fastcgi_param PATH_INFO $path_info;
    fastcgi_index index.php;
    include fastcgi.conf;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param HTTP_PROXY ""; 
    fastcgi_pass unix:/run/php-fpm/www.sock; 
  }
  
  location = /plugins/HeatmapSessionRecording/configs.php {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    try_files $fastcgi_script_name =404;
    set $path_info $fastcgi_path_info;
    fastcgi_param PATH_INFO $path_info;
    fastcgi_index index.php;
    include fastcgi.conf;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param HTTP_PROXY "";
    fastcgi_pass unix:/run/php-fpm/www.sock;
  }

  location ~* ^.+\.php$ {
    deny all;
    return 403;
  }

  location / {
    try_files $uri $uri/ =404;
  }
  
  location ~ /(config|tmp|core|lang) {
    deny all;
    return 403;
  }

  location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
    allow all;
  }

  location ~ /(libs|vendor|plugins|misc/user) {
    deny all;
    return 403;
  }

}

 

NOTE: For complete and production ready Nginx config for Matomo visit https://github.com/matomo-org/matomo-nginx.

 

Check Nginx configuration for syntax errors:

sudo nginx -t

 

Reload Nginx service:

sudo systemctl reload nginx.service

 

Step 4 - Install Matomo Analytics

 

Create /var/www directory:

sudo mkdir -p /var/www/

 

Navigate to /var/www directory:

cd /var/www/

 

Download the latest release Matomo via wget and unzip it:

sudo wget https://builds.matomo.org/matomo.zip && sudo unzip matomo.zip

 

Remove downloaded matomo.zip file:

sudo rm matomo.zip

 

Change ownership of the /var/www/matomo directory to nginx user:

sudo chown -R nginx:nginx /var/www/matomo

 

Run sudo vim /etc/php-fpm.d/www.conf and set user and group to nginx. Initially, it will be set to user and group apache.

sudo vim /etc/php-fpm.d/www.conf
# user = nginx
# group = nginx

 

Restart PHP-FPM service.

sudo systemctl restart php-fpm.service

 

Step 5 - Complete the Matomo Analytics setup

 

Open your site in a web browser and follow the Matomo web installation wizard.

 

First, Matomo welcome message should appear. Click on the "Next" button.

 

After, you will see a "System Check" page. If something is missing, you will see a warning. If everything is marked with green checkmark click on the "Next" button to proceed to the next step.

 

Next, fill in database details and click on the "Next" button.

 

If everything went well with database setup you should see "Tables created with success!" message.

 

Create Matomo super user account and click on the "Next" button.

 

Next, set up the first website you would like to track and analyze with Matomo. Later on, you can add more sites to track with Matomo.

 

Next, you will be provided with the JavaScript tracking code for your site that you need to add to start tracking. 

 

Next, you should see that Matomo installation is completed.

 

Congratulations! Your Matomo installation is complete.

 

Was this answer helpful? 0 Users Found This Useful (0 Votes)